Aigroup Financial Services Openclaw Release

Security checks across malware telemetry and agentic risk

Overview

Prompt-injection indicators were detected in the submitted artifacts (base64-block, unicode-control-chars); human review is required before treating this skill as clean.

This bundle looks aligned with its financial modeling and deliverable-generation purpose. Before installing, confirm you trust the publisher, review the bundled MiniMax-derived office components, install Python/Node dependencies from trusted sources, and only process confidential client or deal data after verifying the external MCP and host office skills your OpenClaw environment will use. ClawScan detected prompt-injection indicators (base64-block, unicode-control-chars), so this skill requires review even though the model response was benign.

VirusTotal

VirusTotal engine telemetry is currently stale for this artifact.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

Using the office-generation features may run bundled code that was not installed through a package manager or pinned dependency workflow.

Why it was flagged

The bundle includes prebuilt executable/binary office components. This is purpose-aligned for DOCX generation, but users must trust the vendored binary provenance.

Skill content
skills/minimax-docx/scripts/dotnet/MiniMaxAIDocx.Cli/bin/Debug/net8.0/MiniMaxAIDocx.Cli (124240 bytes)
Recommendation

Install only if you trust the publisher and review or rebuild bundled binaries where possible for high-sensitivity environments.

ASI04: Agentic Supply Chain Vulnerabilities
Low
What this means

The skill may not work until additional local tools are installed, and those tools become part of the trusted workflow.

Why it was flagged

The registry metadata declares no required binaries, but the quickstart documents runtime dependencies. This is disclosed and purpose-aligned, but under-declared in metadata.

Skill content
Runtime dependencies (must be on PATH) ... `python3` ... `uvx` ... `node` ... `python-pptx` ... `pptxgenjs`
Recommendation

Install dependencies from trusted sources and verify versions before running financial-document generation workflows.

ASI02: Tool Misuse and Exploitation
Low
What this means

A mistyped or modified cleanup command could delete unintended local files.

Why it was flagged

The troubleshooting docs include a destructive shell cleanup command. It is scoped to OpenClaw cache directories and user-directed, but users should understand it before running it.

Skill content
find /var/folders -name "openclaw-clawhub-package-*" -type d 2>/dev/null | xargs rm -rf
Recommendation

Run setup and cleanup commands manually, inspect paths first, and avoid copying modified commands from untrusted sources.

ASI07: Insecure Inter-Agent Communication
Low
What this means

Company, deal, or financial materials may be passed through other configured tools or host skills during analysis and document generation.

Why it was flagged

The suite is designed to rely on other installed plugins and MCP services for data collection and routing. This is disclosed and aligned with the financial workflow, but it means data boundaries depend on those external components.

Skill content
expects data collection to come from AIGroup lead-intelligence plugins and MCP services
Recommendation

Confirm which MCP services and host office skills are installed and trusted before processing confidential client or deal information.

ASI09: Human-Agent Trust Exploitation
Info
What this means

Users might retry installation without fully investigating a fresh safety warning.

Why it was flagged

The troubleshooting text may lead users to treat scanner warnings as cache/version issues. It does not instruct disabling safety controls, but scanner warnings should still be independently reviewed.

Skill content
If the safety scanner reports a dangerous code pattern ... it's likely a downstream plugin (not this one) or an older version of this plugin.
Recommendation

If a current install is blocked by a scanner, verify the exact package version and warning details instead of assuming it is a stale cache issue.